public-project-permission-9029.patch

Kevin Fischer, 2021-02-13 08:13

Download (7.66 KB)

View differences:

app/models/project.rb
824 824
    'name',
825 825
    'description',
826 826
    'homepage',
827
    'is_public',
828 827
    'identifier',
829 828
    'custom_field_values',
830 829
    'custom_fields',
......
850 849
      end
851 850
  )
852 851

  
852
  safe_attributes(
853
    'is_public',
854
    :if => lambda do |project, user|
855
      user.allowed_to?(:publish_project, project)
856
    end)
857

  
853 858
  safe_attributes(
854 859
    'inherit_members',
855 860
    :if => lambda {|project, user| project.parent.nil? || project.parent.visible?(user)})
app/views/projects/_form.html.erb
11 11
<% end %></p>
12 12
<p><%= f.text_field :homepage, :size => 60 %></p>
13 13
<p>
14
  <%= f.check_box :is_public %>
15
  <em class="info"><%= Setting.login_required? ? l(:text_project_is_public_non_member) : l(:text_project_is_public_anonymous) %></em>
14
  <% if @project.safe_attribute? 'is_public' %>
15
    <%= f.check_box :is_public, disabled: !(@project.is_public? || User.current.allowed_to?(:publish_project, @project)) %>
16
    <em class="info"><%= Setting.login_required? ? l(:text_project_is_public_non_member) : l(:text_project_is_public_anonymous) %></em>
17
  <% else %>
18
    <%= f.label_for_field(:is_public) %>
19
    <span id="project_is_public" style="padding-top: 3px; padding-left: 3px; display: inline-block">
20
      <%= @project.is_public ? l(:general_text_Yes) : l(:general_text_No) %>
21
    </span>
22
  <% end %>
16 23
</p>
17 24

  
18 25
<% unless @project.allowed_parents.compact.empty? %>
config/locales/de.yml
948 948
  permission_manage_versions: Versionen verwalten
949 949
  permission_manage_wiki: Wiki verwalten
950 950
  permission_protect_wiki_pages: Wiki-Seiten schützen
951
  permission_publish_project: Projekt als öffentlich markieren
951 952
  permission_rename_wiki_pages: Wiki-Seiten umbenennen
952 953
  permission_save_queries: Filter speichern
953 954
  permission_select_project_modules: Projektmodule auswählen
config/locales/en.yml
509 509
  permission_add_project: Create project
510 510
  permission_add_subprojects: Create subprojects
511 511
  permission_edit_project: Edit project
512
  permission_publish_project: Publish project
512 513
  permission_close_project: Close / reopen the project
513 514
  permission_delete_project: Delete the project
514 515
  permission_select_project_modules: Select project modules
config/locales/ja.yml
406 406
  permission_add_project: プロジェクトの追加
407 407
  permission_add_subprojects: サブプロジェクトの追加
408 408
  permission_edit_project: プロジェクトの編集
409
  permission_publish_project: プロジェクトの公開
409 410
  permission_select_project_modules: モジュールの選択
410 411
  permission_manage_members: メンバーの管理
411 412
  permission_manage_versions: バージョンの管理
db/migrate/20210213065920_add_publish_project_permission.rb
1
class AddPublishProjectPermission < ActiveRecord::Migration[5.2]
2
  def up
3
    Role.all.each do |role|
4
      role.add_permission! :publish_project if role.has_permission?(:add_project) || role.has_permission?(:edit_project)
5
    end
6
  end
7
end
lib/redmine.rb
83 83
  map.permission :search_project, {:search => :index}, :public => true, :read => true
84 84
  map.permission :add_project, {:projects => [:new, :create]}, :require => :loggedin
85 85
  map.permission :edit_project, {:projects => [:settings, :edit, :update]}, :require => :member
86
  map.permission :publish_project, {}
86 87
  map.permission :close_project, {:projects => [:close, :reopen]}, :require => :member, :read => true
87 88
  map.permission :delete_project, {:projects => :destroy}, :require => :member
88 89
  map.permission :select_project_modules, {:projects => :modules}, :require => :member
test/fixtures/roles.yml
9 9
    ---
10 10
    - :add_project
11 11
    - :edit_project
12
    - :publish_project
12 13
    - :close_project
13 14
    - :delete_project
14 15
    - :select_project_modules
......
78 79
  permissions: |
79 80
    ---
80 81
    - :edit_project
82
    - :publish_project
81 83
    - :delete_project
82 84
    - :manage_members
83 85
    - :manage_versions
......
129 131
  permissions: |
130 132
    ---
131 133
    - :edit_project
134
    - :publish_project
132 135
    - :manage_members
133 136
    - :manage_versions
134 137
    - :manage_categories
test/functional/projects_controller_test.rb
1365 1365
      assert_select 'a[href=?]', '/projects/ecookbook/search?scope=subprojects'
1366 1366
    end
1367 1367
  end
1368

  
1369
  def test_user_without_publish_project_permission_cannot_publish
1370
    project = Project.generate!(is_public: false)
1371
    user = User.generate!
1372
    User.add_to_project(user, project, Role.generate!(:permissions => [:edit_project])) # No Publish Project permission
1373

  
1374
    @request.session[:user_id] = user.id
1375
    post(
1376
      :update,
1377
      params: {id: project.id, project: {is_public: true}}
1378
    )
1379

  
1380
    assert_response 302
1381
    assert_equal project.reload.is_public?, false
1382
  end
1383

  
1384
  def test_without_publish_project_permission_publish_there_is_no_checkbox
1385
    project = Project.generate!(is_public: false)
1386
    user = User.generate!
1387
    User.add_to_project(user, project, Role.generate!(:permissions => [:edit_project])) # No Publish Project permission
1388

  
1389
    @request.session[:user_id] = user.id
1390
    get(
1391
      :settings,
1392
      params: {id: project.id}
1393
    )
1394

  
1395
    assert_select '#project_is_public', :text => 'No'
1396

  
1397
    # Test Yes
1398
    project.update(is_public: true)
1399

  
1400
    @request.session[:user_id] = user.id
1401
    get(
1402
      :settings,
1403
      params: {id: project.id}
1404
    )
1405

  
1406
    assert_select '#project_is_public', :text => 'Yes'
1407
  end
1368 1408
end
1369
-